Application Compatibility

Oracle Linux maintains user space compatibility with Red Hat Enterprise Linux (RHEL), which is independent of the kernel version that underlies the operating system. Existing applications in user space will continue to run unmodified on Oracle Linux 7 Update 5 with the UEK Release 4 and no re-certifications are needed for applications already certified with Red Hat Enterprise Linux 7 or Oracle Linux 7.

Notable security-related features in this release:

Support for Memory Protection Keys on recent Intel processors. This update includes support for the Memory Protection Keys hardware feature on recent Intel processors. CPUs provide this support through a new user-accessible register (PKRU) that contains two separate bits (Access Disable and Write Disable) for each key.

Ability to unlock encrypted devices connected to a network during the boot process. Previously, block devices that were connected to a network could not be unlocked during the boot process because it was not possible to connect and decrypt these devices prior to starting any network services.

SSLv3 disabled in mod_ssl. To improve security for SSL/TLS connections, support for SSLv3 in the default configuration for the httpd mod_ssl module has been disabled. This change also restricts the use of certain cryptographic cipher suites.